<?php
include_once 'dbconnect.php';
$sql = new ownedsql;

$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');

function checkIfLoggedIn()
{
    //globális változók amire szükség lesz
    global $_SESSION, $sql, $host, $uri;

    //SQL lekérdezés a felhasználói adatok beszerzéséhez

    if (isset($_SESSION['userID']) and isset($_SESSION['userName']) and isset($_SESSION['userPass'])) {
        $uid = $_SESSION['userID'];
        $user = $_SESSION['userName'];
        $pass = $_SESSION['userPass'];
        $sql->connect();
        $sql->query("SELECT * FROM 3i_usernames WHERE uName='$user' AND uid='$uid'");
        $result = $sql->query;
        $sql->kill();

        while ($item = mysql_fetch_array($result)) {
            if (md5($item['uPass']) == $pass) {
            } else {
                $extra = 'index.php';
                header("Location: http://$host$uri/$extra");
            }
        }
    } else {
        $extra = 'index.php';
        header("Location: http://$host$uri/$extra");
    }


}

function checkValidSession() {
    global $_SESSION, $sql, $host, $uri;

    //SQL lekérdezés a felhasználói adatok beszerzéséhez
    $retval=false;
    if (isset($_SESSION['userID']) and isset($_SESSION['userName']) and isset($_SESSION['userPass'])) {
        $uid = $_SESSION['userID'];
        $user = $_SESSION['userName'];
        $pass = $_SESSION['userPass'];
        $sql->connect();
        $sql->query("SELECT * FROM 3i_usernames WHERE uName='$user' AND uid='$uid'");
        $result = $sql->query;
        $sql->kill();

        while ($item = mysql_fetch_array($result)) {
            if (md5($item['uPass']) == $pass) {
                $retval=true;
            } else {
                $retval=false;
            }
        }
    } else {
        $retval = false;
    }
    return $retval;
}

function isAdmin()
{
    global $sql, $_SESSION;

    if (checkValidSession() == true) {
        $uid = $_SESSION['userID'];
        $sql->connect();
        $sql->query("SELECT * FROM 3i_job_assoc WHERE uid='$uid'");
        $result = $sql->query;
        $sql->kill();
        while ($item=mysql_fetch_array($result)) {
            if ($item['jobid']==1) {
                $retval=true;
            } else {
                $retval=false;
            }
        }
    }
    return $retval;
}

function clean_var($variable)
{
    $variable = strip_tags(stripslashes(trim(rtrim(mysql_real_escape_string($variable)))));
    return $variable;
}
?>